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CLAIMS 

1 . A system including: 

5 a plurality of devices (142,150,152,154,156); 

administration means (142,118) for allowing selected devices 
(150,156) to be associated together as a group by providing each 
device with security data and identification data, the security data 

10 of each device being interpretable by each other device within the 

group, particular modes of communication only being allowed 
between devices within the group having such security data, and the 
identification data identifying each device within the group for the 
purpose of delivering data to that device but not necessarily being 

15 recognisable by other devices not in said group; and 



routing means (110,116) having an external identifier recognisable 
by devices not in said group for routing communications via a 
communication medium (140) and for communicating data 
20. originating from one device (150) within said group received via 

said communication medium (140) by means of the external 
identifier to another device (152) within said group using the 
identification data. 

25 2. The system of claim 1, comprising a plurality of said routing means. 

3. The system of claim 2, wherein said routing means are'operable to 
route said data securely therebetween via said communication medium. 
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4. The system of any one of the preceding claims, wherein the data is 
transmitted by IPsec. 

5. The system of any one of the preceding claims, wherein the external 
5 identifier is a unique public IP address or telephone number. 

6. The system of any one of the preceding claims, wherein the 
identification data comprises a respective local IP address assigned to each 
device by the administration means. 

10 

7. The system of any one of the preceding claims, wherein at least one 
of the devices comprises a mobile telecommunications terminal and is 
operable to communicate with an associated one of the routing means via a 
mobile telecommunications network. 

15 

8. The system of claim 7, wherein the routing means includes means 
for authenticating the mobile terminal. 

9. The system of claim 8, wherein the authenticating means is operable 
20 to authenticate the mobile terminal using data relating to the subscription of 

the mobile terminal with the mobile telecommunications network. 

10. The system of claim 9, wherein the mobile telecommunications 
terminal includes a smart card storing data for exchange with said 

25 authentication means. 

11. The system of any one of claims 7 to 10, wherein the mobile 
telecommunications network is a GSM network. 
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12. The system of any one of claims 7 to 10, wherein the mobile 
telecommunications network is a UMTS (3G) network. 

13. The system of any one of claims 7 to 12, wherein data is exchanged 
between the mobile telecommunications terminal and the routing means by 
a GPRS link. 

14. The system of any one of the preceding claims, wherein data is 
exchanged between the mobile telecommunications terminal and the 
routing means using Session Initiation Protocol (SIP). 

15. The system of any one of claims 2 to 14, wherein the routing means 
are operable to exchange external identifiers therebetween. 

16. The system of any one of claims 2 to 15, including means for 
generating an IP address for enabling communications to be routed between 
respective ones of the routing means. 

17. The system of any one of the preceding claims, wherein each device 
stores a key. 

18. The system of any one of the preceding claims, wherein the routing 
means is operable to generate a public-private key pair. 

19. The system of claims 17 and 18, wherein the device associated with 
the routing means is operable to generate a certificate using the public key 
of the routing means and the device' s key. 

20. The system of claim 19, wherein the routing means is operable to 
authenticate itself with the administration means using said certificate. 
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21. A method of configuring an IP address to allow data exchange 
between a first device "A" and a second device "B" that are associated with 
one another in a group, the group having a group identifier "Group-ID", and 

5 each device having unique identifier "Group-Member-ID" within the group, 
and where the devices are coupled to one another for communication 
therebetween via respective communication hubs "Hub-A" and "Hub-B", 
the method including providing each of said devices with a unique IP 
address within said group. 

10 

22 . The method of claim 2 1 , including: 

allocating a range of IP addresses as follows: first octet of the IP 
address=10 (Fixed) .X.Y.Z; where X,Y 3 Z is calculated as follows: 
X = [Hash(Group-ID)] [0, 1 ,2 ... 1 5], 
15 Y= [Hash(IDn][7,8,....15] 

Z = [Hash(Group-Member-ID)][0 5 l,2....7]; 
where the IDn is either Group-Member-ED or an identifier of a device 
acting as a gateway device for a plurality of the devices, 
where the final IP address=10.X.Y.Z, and 
20 where "Hash" is a hash function. 

23. The method of claim 22, wherein "Hash" is a MD5 algorithm. 

24. A method of enabling communication between a plurality of devices 
25 (142,150,152,154,156), the method including associating selected devices 

(150,152) together as a group by providing each device (150,152) with 
security data and identification data, the security data of each device being 
interpretable by each other device within the group, particular modes of 
communication only being allowed between devices within the group 
30 having such security data, and the identification data identifying each 



WO 2005/053266 PCT/GB2004/00471 1 

44 

device within the group for the purpose of delivering data to that device but 
not necessarily being recognisable by other devices not in said group; and 
routing data originating from one device (150) within said group by routing 
means (1 10,1 16), having an external identifier recognisable by devices not 
in said group for routing communications via a communication medium 
(140), which communicates that data received via the communication 
medium (140) by means of the external identifier to another device (152) 
within said group using the identification data. 

25. The method of claim 24, including providing a plurality of said 
routing means. 

26. The method of claim 25, wherein said routing means route said data 
securely therebetween via said communication medium. 

27. The method of any one of claims 24 to 26, wherein the data is 
transmitted by IPsec. 

28. The method of any one of claims 24 to 27, wherein the external 
identifier is a unique public IP address or telephone number. 

29. The method of any one of claims 24 to 28, wherein the identification 
data comprises a respective local IP address assigned to each device. 

30. The method of any one of the preceding claims, wherein at least one 
of the devices comprises a mobile telecommunications terminal which 
communicates with an" associated one of the routing means via a mobile 
telecommunications network. 
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3 1 . The method of claim 30, wherein the routing means authenticates the 
mobile terminal. 

32. The method of claim 31, wherein the mobile terminal is 
5 authenticated using data relating to the subscription of the mobile terminal 

with the mobile telecommunications network. 

33. The method of claim 32, wherein a smart card associated with the 
mobile telecommunications terminal stores data to perform said 

10 authentication. 

34. The method of any one of claims 30 to 33, wherein the mobile 
telecommunications network is a GSM network. 

15 35. The method of any one of claims 28 to 33, wherein the mobile 
telecommunications network is a UMTS (3G) network. 

36. The method of any one of claims 30 to 35, wherein data is 
exchanged between the mobile telecommunications terminal and the 

20 routing means by a GPRS link. 

37. The system of any one of the claims 24 to 32, wherein using Session 
Initiation Protocol (SIP). 

25 38. The method of any one of claims 25 to 37, wherein respective ones 
of the routing means exchange external identifiers therebetween. 

39. The method of any one of claims 25 to 38, including generating an 
IP address for enabling communications to be routed between respective 
30 ones of the routing means. 
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40. The method of any one of the preceding claims, wherein each device 
stores a key. 

5 41. The method of any one of the preceding claims, wherein the routing 
means generates public-private key pairs. 

42. The method of claims 40 and 41, wherein the device associated with 
the routing means generates a certificate using the public key of the routing 
10 means and the device's key. 



43. The method of claim 42, wherein the routing means authenticates 
itself within the group using said certificate. 

15 44. A routing node (118) for enabling communication between a 
plurality of devices (142,150,152,154,156) which are associated together as 
a group by providing each device with security data and identification data, 
the security data of each device being interpretable to each other device 
within the group, particular modes of communication only being allowed 

20 between devices within the group having such security data, and the 
identification data identifying each device within the group for the purpose 
of delivering data to that device but not necessarily being recognisable by 
other devices not in said group; wherein the routing node (118) has an 
external identifier recognisable by devices not in said group for routing 

25 communications via a communication medium (140), and communicates 
data originating from one device (150) within said group received via said 
communication medium (140) by means of the external identifier to another 
device (152) within said group using the identification data. 



WO 2005/053266 PCT/GB2004/00471 1 

47 

45. The system, method or routing node of any one of the preceding 
claims, wherein the communication medium comprises the Internet. 



